Solved

My system is infected with a virus and I can't seem to clean it up.

Posted on 2007-03-20
9
301 Views
Last Modified: 2013-12-28
One of my NT 4.0 Servers is infected with the w32.spybot.ALRD virus and I can't delete or quaranteen it. I have ran the latest updates and even tried removing it manually from the registry but I have not luck. Any ideas on what I can do to clean this up?
0
Comment
Question by:frankbustos
  • 6
  • 3
9 Comments
 
LVL 6

Expert Comment

by:bgbeer
ID: 18761243
first thing U need to do is to find a barts pe, erd commander or a linux bootable cd
something that will give u access to the harddrive while keeping it inactive so that u can remove the virus.
0
 
LVL 6

Accepted Solution

by:
bgbeer earned 500 total points
ID: 18761273
let me back up a minute!
the first thing I would do is to unplug this server from the network because it is a network aware worm that can and will spread to all other computers on the network.

after that u need to pull the ram and the cmos battery and let it sit for 10 minutes or so to empty all memory.
at that point find yourself a bootable cd that will keep your haddrive inactive while working w/ it.
0
 
LVL 6

Expert Comment

by:bgbeer
ID: 18761309
the other thing u that more than likely will need to be don is to reinstall
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 

Author Comment

by:frankbustos
ID: 18761414
Hi bgbeer,
   Ok, I will get it off the network then boot it with the ERD commander cd and see if I can delete the virus that way. I will let you know the results tomorrow as i'm off work for the rest of the evening.
0
 
LVL 6

Expert Comment

by:bgbeer
ID: 18761431
frank, after booting to erd commander the first thing I would do is tocheck for running processes.

with erd commander u will have restore points I would use them.
0
 

Author Comment

by:frankbustos
ID: 18761518
bgbeer,

  sounds good, I will do that.
thanks.
0
 
LVL 6

Expert Comment

by:bgbeer
ID: 18761547
no problem

good luck
0
 

Author Comment

by:frankbustos
ID: 18773188
thanks bgbeer,  I was able to clean out the system and get it back to normal.
0
 
LVL 6

Expert Comment

by:bgbeer
ID: 18777240
glad I could help
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question